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C. REMARKS 

Applicants respectfully request reconsideration of the outstanding rejections and 
reexamination of the present application in light of the following amendments and 
remarks. 

Status of the Claims 

Claims 1 , 4, and 7 are currently pending. Claims 2, 3, 5, 6, and 8-21 are 
canceled. 

In this Amendment, Applicants has amended claim 1 and canceled claims 2, 3, 5, 
6, and 8-21 from further consideration in this application. Applicants are not conceding 
that the subject matter encompassed by claims 1-21 , prior to this Amendment, is not 
patentable over the art cited by the Examiner. Claim 1 was amended and claims 2, 3, 
5, 6, and 8-21 were canceled in this Amendment solely to facilitate expeditious 
prosecution of the remaining claims. Applicant respectfully reserves the right to pursue 
additional claims, including the subject matter encompassed in claims 1-21, as 
presented prior to this Amendment and additional claims in one or more continuing 
applicants. 

Drawings 

Applicants note that the Second Office Action does not indicate whether the 
drawings filed with the present application are accepted. Applicants respectfully request 
that in any subsequent actions or a notice of allowance, that the Examiner indicate his 
acceptance of the formal drawings currently filed in the present application. 

Claims 1, 4, and 7 are not Obvious under Dorenbosch and Alkhatib under 35 USC 
103(a) 

The Office Action rejects claims 1 , 2, 4, 5, 7, 8, 9, 1 1 , 1 2, 1 4, 1 5, 1 6, 1 8, 1 9, and 
21 under 35 USC 103(a) as being unpatentable over Dorenbosch (US Publication 
2002/0138622) in view of Alkhatib et al. (US Publication 2004/0044778) (herein referred 
to as Alkhatib. [Office Action, p. 2] Applicants have canceled claims 2, 5, 8, 9, 1 1 , 1 2, 
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14, 15, 16, 18, 19, and 21 and therefore the rejection is no longer applicable in the 
present application. 

As noted in the Office Action, under 35 USC §1 03(a) a patent may not be 
obtained though the invention is not identically disclosed as described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. In Graham v. John Deere, the Supreme Court 
clarified that "under 103, in considering the obviousness or nonobviousness of the 
subject matter, the scope and content of the prior art are to be determined; differences 
between the prior art and the claims at issue are to be ascertained; and the level of 
ordinary skill in the pertinent art resolved, in addition to evaluating evidence of 
secondary considerations." Graham, 383 U.S. 1, 148 USPQ 459 (1966). 

The Examiner bears the initial burden of supporting any prima facie conclusion of 
obviousness. See In re Rinehart, 531, F.2d 1048, 189, USPQ 143 (CCPA 1976); KSR 
International Co. v. Teleflex Inc., 82 USPQ2d 1385, 1396 (2007); MPEP 2142. The key 
to supporting a rejection under 35 USC 103 is the clear articulation of the reasons why 
the claimed invention would have been obvious; the analysis supporting a rejection 
under 35 USC 103 should be made explicit. See KSR International Co., 82 USPQ2d at 
1396; MPEP 2142 (Rev. 6, Sept. 2007). 

Applicants have amended claim 1 and traverse the rejection of claims 1, 4, and 7 
in view of the amendments to the claims. Although Applicants amend the claims in the 
present application, Applicants do not concede that the Examiner has established a 
prima facie case of obviousness as to the claims as originally presented. 

Claim 1 

Claim 1 currently reads: 

Claim 1 (Currently Amended): A method for accessing a data processing 
system behind a network address translation (NAT) enabled network, 
comprising: 
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responsive to detecting a user request from a client system to 
establish a connection with a domain name, wherein said domain name 
identifies a NAT data processing system located behind said NAT enabled 
network, sending said request for said domain name to a local domain 
name service (DNS) server; 

responsive to said local DNS server returning a fail response 
indicating no authoritative address for said domain name, identifying an IP 
address for a NAT device associated with said requested domain name 
from a configuration file for a host client domain for said client system; 

sending a DNS query of said domain name to said NAT device at 
said IP address for said NAT device; 

qu e ry i ng, from a c lie nt syst e m l ocated outs i d e a NAT e nab le d n e twork, a 
NAT d e v i c e for an addr e ss of a NAT data proc e ss i ng syst e m l ocat e d 
b e h i nd sa i d NAT e nab le d n e twork; 

automatically routing said query through said NAT device to a 
second DNS server that stores a plurality of private addresses for a 
plurality of systems located behind said NAT enabled network and said 
source routing address for said NAT device; 

responsive to receiving said query for said address of said NAT 
data processing system at said DNS server, returning from said DNS 
server to said client system said plurality of private addresses for said 
NAT data processing system and a plurality of parallel data processing 
systems providing a same service as said NAT data processing system 
located behind said NAT enabled network w h e r ei n sa i d DNS s e rv e r 
r e turns an addr e ss for sa i d NAT data proc e ss i ng syst e m and said source 
routing address for said NAT device; [[and]] 

sending packets, from said client system to said NAT data 
processing system at a particular [[said]] address associated with said 
NAT data processing system from among said plurality of private 
addresses with loose source routing enabled through said NAT device at 
said source routing address , such that said NAT data processing system 
behind said NAT enabled network is directly accessed by said client 
system from outside said NAT enabled network ; and 

responsive to said client system receiving a fail signal from an 
attempt to send packets to said NAT data processing system, sending 
packets from said client system to a next data processing system from 
among said plurality of parallel data processing systems at one of said 
plurality of private addresses with loose source routing enabled through 
said NAT device at said source routing address . 

No new matter is presented through the amendments to claim 1 

Applicants respectfully assert that no new matter is added through the 
amendments to claim 1 because the specification fully teaches each of the amended 
AUS920030732US1 7 
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elements. The specification, and for example paragraphs 0038, 0042, 0044, and 0047, 
teach each of responsive to detecting a user request from a client system to establish a 
connection with a domain name, wherein said domain name identifies a NAT data 
processing system located behind said NAT enabled network, sending said request for 
said domain name to a local domain name service (DNS) server ; responsive to said 
local DNS server returning a fail response indicating no authoritative address for said 
domain name, identifying an IP address for a NAT device associated with said 
requested domain name from a configuration file for a host client domain for said client 
system; sending a DNS query of said domain name to said NAT device at said IP 
address for said NAT device ; and sending packets, from said client system to said NAT 
data processing system at a particular address associated with said NAT data 
processing system from among said plurality of private addresses with loose source 
routing enabled through said NAT device at said source routing address, such that said 
NAT data processing system behind said NAT enabled network is directly accessed by 
said client system from outside said NAT enabled network . In addition, for example, 
paragraph 0039 and claim 6, teach each of responsive to receiving said query for said 
address of said NAT data processing system at said DNS server, returning from said 
DNS server to said client system said plurality of private addresses for said NAT data 
processing system and a plurality of parallel data processing systems providing a same 
service as said NAT data processing system located behind said NAT enabled network 
and said source routing address for said NAT device ; and responsive to said client 
system receiving a fail signal from an attempt to send packets to said NAT data 
processing system, sending packets from said client system to a next data processing 
system from among said plurality of parallel data processing systems at one of said 
plurality of private addresses with loose source routing enabled through said NAT 
device at said source routing address . 

Claim 1 is not obvious under the currently cited prior art 
AUS920030732US1 8 
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As previously noted, in determining obviousness, a Graham inquiry is first to be 
performed. As a first step of the Graham inquiry, the scope and content of the prior art 
are to be determined. 

As to Dorenbosch, the Office Action cites paragraph 0033 as reading on the 

original elements of claim 1 . Lines 1 -3 of paragraph 0033 of Dorenbosch describe a 

context of a push session from a client system to a mobile device behind a NAT 

network, where the protocol used to start the push session is DNS. In this example, a 

client sends a DNS query for the IP address corresponding to the user name of the 

mobile device. Paragraph 0033 of Dorenbosch further describes: 

the DNS query message will travel through the public network 101, the 
NAT 107 and the private network 105 to reach the DNS server 111. The 
DNS server will access its database, retrieve the mobile devices long lived 
address, insert the address into the DNS message body of a response 
DNS message, and send the response DNS message to the originator of 
the query. On its way to the push server or client, the response DNS 
message will hit the NAT 107. ... NAT however, does detect the presence 
of the DNS message body and invokes the help of a DNS application level 
gateway (DNS ALG) 109. .. The DNS ALG will identify IP addresses and 
port numbers that need to be substituted, request NAT to provide a 
dynamic address and optional port number for the mobile device, and 
provide substitution with the dynamic public address and port number 
assigned by NAT. The push server or client 103 thus obtains IP address 
information for to the mobile deice and can continue the session and send 
one or more IP data packets to the mobile device, using the dynamic 
address as the destination IP address. 

Thus, the scope of Dorenbosch is a DNS server that includes a mobile device user 
name/private address pairing, which is substituted by the NAT with a dynamic address 
in the response to a DNS request. A client system then communicates with the mobile 
device using the dynamic address as the destination IP address. As noted in the Office 
Action, Dorenbosch does not teach communication the client accessing the mobile 
device through an address for the mobile device with source routing through the NAT 
device. 

As to Alkhatib, as to the element of "sending with source routing", the Office 
Action cites paragraph 0150, line 12 of Alkhatib and as to "through a NAT device", the 
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Office Action cites paragraph 0150, lines 24-25 of Alkhatib and the phrase "data can 
flow between hosts A and C... through NAT..."). [Office Action, p. 3] Applicants 
consider paragraph 0150, lines 12 and 24-25 within the context of Alkhatib as a whole, 
as is proper in a Graham inquiry. Alkhatib describes an entity within a NAT network that 
establishes a persistent connection with an agent outside the NAT network through a 
specific port assigned by the NAT for the communication between the entity and the 
agent. Alkhatib, paragraphs 0044, 0048, Figure 2. A host outside the NAT network 
communicates with the agent and the agent sends the communication through the 
persistent connection through a port dedicated by the NAT for the connection. Alkhatib, 
paragraph 0059. Paragraph 0149 of Alkhatib describes a situation where a persistent 
connection is first established with a particular destination IP address, but a paging 
solution is added where once host A establishes a persistent connection with a 
server/agent outside the NAT network, host B sends a page to the server requesting 
host A to establish a connection with host B, the server forwards the page to host A and 
then host A establishes a connection with host B, so that host B replaces the server. 
Paragraph 0150 of Alkhatib describes a situation in which a paging solution is applied 
where both hosts A and C are private entities behind NAT devices and the persistent 
connection established by host A with the server is for signaling purposes between the 
server and host A. In paragraph 01 50 of Alkhatib, the NAT for host C sends a UDP 
packet to the NAT for host A, with an assigned port number and request to 
communicate, routed through the server and in response, the server pages host A with 
the IP address of the NAT for host C and the selected port number, over the persistent 
connection between the server and host A, to trigger host A to respond to host C at the 
port number and IP address. The NAT for host A selects a port number for the 
connection between host A and host C and from this point on, "data can flow between 
hosts A and C in both directions through NAT 12 and NAT 542 and the ports selected 
therein" as cited in the Office Action. Alkhatib, paragraph 0150, Figure 1 1 . More 
specifically, paragraph 0150, lines 1 1-13 describe that in the server facilitating 
establishing a connection between the NAT devices, "In order for the port number 
selected by NAT 542 to become known to host A, this first UDP packet is source routed 
AUS920030732US1 10 
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through the server." When considered in the context of paragraph 0150 and Alkhatib as 
a whole, this statement indicates that the NAT for host C cannot just send a request for 
a connection directly to the NAT for host A, but host C can designate the destination by 
source routing through the server. 

Applicants respectfully assert that the only explicit source routing specified in 
paragraph 0150 of Alkhatib is described with respect to source routing through a server, 
not through a NAT device. In contrast, claim 1 teaches source routing through a NAT 
device. Thus, Alkhatib does not stand for the proposition on page 4 of the Office Action 
of "the general concept of providing source routing through a NAT device is well known 
in the art as illustrated by Alkhatib who discloses source routing through a NAT device 
in an accessing method, system, and product with means." 

In view of the amendments to claim 1 to incorporate the previous elements of 
dependent claim 6, Applicants also note the contents and scope of Dorenbosch, 
Alkhatib, and Dalgic in view of the previous rejection of claim 6 under the combination of 
these references. In particular, as to the elements of "returning, from said DNS server, 
a plurality of addresses of a plurality of parallel data processing systems to said NAT 
data processing system located behind said NAT enabled network" and "send packets 
to said NAT data processing system, sending packets to a first data processing system 
from among said plurality of parallel data processing systems at one of said plurality of 
addresses with routing through said NAT device" the Office action cites Dorenbosch as 
reciting these elements. [Office Action, pp. 12, 13] In particular, as to "returning from 
said DNS server, a plurality of addresses" the Office Action cites paragraph 0019, 10 
lines from the bottom of Dorenbosch as describing "a plurality of mobile devices" and 
notes that paragraph 0033 discloses that the mobile device address is returned by the 
DNS. This statement by the Office Action that because the NAT device may support 
multiple devices, then Dorenbosch teaches responding to a DNS inquiry for a particular 
device with multiple addresses, is overly broad and overreaches the scope and contents 
of Dorenbosch. In particular, paragraph 0019 of Dorenbosch does not teach "a plurality 
of mobile devices", and even if Dorenbosch described that there could be multiple 
mobile devices behind a NAT enabled network, no portion of Dorenbosch, including 
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paragraph 0033, teaches or would support a teaching of a DNS server returning a 
plurality of addresses for the multiple mobile devices in response to a DNS inquiry for a 
particular mobile device. In addition, the Office Action cites Dorenbosch paragraph 
0033 alone as reading on both the elements of "sending of packets to the NAT data 
processing system" and also the "sending of packets to a first data processing system 
from among the parallel systems behind a NAT enabled network at one of the plurality 
of addresses." Again, this statement by the Office Action as to the scope and contents 
of Dorenbosch is overly broad; no portion of Dorenbosch describes a client system 
receiving multiple addresses and then requesting access to different ones of the 
devices at the addresses. 

Continuing with regard to claim 6, the Office Action recites Dorenbosch as 
teaching the elements of claim 6, except for "responding to reception of a fail signal" 
and "source routing". [Office Action, p. 13] As to the element of "responding to 
reception of a fail signal, the Office Action recites Dalgic's description in column 2, lines 
51-53 of "Further in some embodiments, a secondary gate controller can send a 
message to the edge router indicating the failure of the gate controller. The edge 
router can update the call state information after receiving the message..." The Office 
Action relies on this description in Dalgic for supporting "the general concept of 
responding to a fail signal is well known in the art as illustrated by Dalgic who discloses 
a fail signal in an H.323 system which does network address translation." [Office 
Action, p. 14] Applicants respectfully submit that Dalgic's description of a failure signal 
alone does not stand for the general concept of responding to a fail signal. In addition, 
Applicants respectfully submit that Dalgic is limited in scope to a device (edge router) 
receiving a failure signal and the router updating data (state information). No portion of 
Dalgic, nor the portion cited by the Examiner, teaches responding to a failure signal by 
attempting a connection through a different address. 

As to a second step in the Graham inquiry, the differences between the claimed 
invention and the prior art are to be determined. Applicants contrast Dorenbosch, 
Alkhatib to the current claim limitations. 
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Applicants submit that one difference between claim Dorenbosch and Alkhatib 
and claim 1 is that Dorenbosch describes a client requesting access with the dynamic 
address, substituted by the NAT device, and returned in a DNS query, and Alkhatib 
describes source routing through a server, not through a NAT system, however, in 
contrast, claim 1 teaches a DNS server returning an address for a system behind the 
NAT enabled network and a source routing address for the NAT device and the client 
sending packets to the system at the address through source routing through the NAT 
device. In addition, claim 1 is amended to teach sending packets, from said client 
system to said NAT data processing system at a particular address associated with said 
NAT data processing system from among said plurality of private addresses with loose 
source routing enabled through said NAT device at said source routing address , where 
neither Dorenbosch nor Alkhatib teaches loose source routing enabled through the NAT 
device. 

Applicants submit that another difference between Dorenbosch and Alkhatib and 
claim 1 is that paragraph 0033 of Dorenbosch describes sending the mobile name in a 
DNS query, which is passed through the NAT device to a DNS server, which stores the 
correspondence between a mobile device's user name and the device's long lived IP 
address, however, in contrast, claim 1 is amended to teach that responsive to teach that 
responsive to detecting a user DNS query, the query is first submitted to a local DNS, 
and responsive to a local DNS returning fail response, an IP address for the NAT 
device associated with the requested domain name is identified from a configuration file 
for a host client domain for the client system. Dorenbosch and Alkhatib fail to teach 
these amended elements because neither reference, separately, or in combination, 
teaches first querying a local DNS server with the domain name query, and if the local 
DNS server does not already have the address for the domain name, then identifying 
the IP address for the NAT device from a configuration file for the host client domain 
and sending the DNS request to the IP address of the NAT device. 

Applicants submit that yet another difference between Dorenbosch and Alkhatib 
and Dalgic, as previously noted, Dorenbosch may describe multiple mobile devices 
behind a NAT enabled device, but Dorenbosch describes a one-to-one correlation 
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between mobile device name and private address and Dorenbosch only describes 
returning a single private address in response to a DNS request for a particular mobile 
device. In contrast, the DNS server of claim 1 , responsive to receiving a query for the 
address of the NAT data processing system, returns multiple private addresses for 
multiple parallel data processing systems providing a same service as the NAT data 
processing system and the client system, responsive to a failure to access the originally 
requested NAT data processing system, attempts to access another parallel data 
processing system from the multiple addresses returned with the DNS request. 
Dorenbosch fails to teach these elements because it fails to teach parallel data 
processing systems behind a NAT enabled network that provide a same service, it fails 
to teach a DNS server returning the addresses for all the parallel systems providing a 
same service responsive to a request for the NAT data processing system, and it fails to 
teach a client system attempting access to one of the parallel systems. 

Applicants respectfully submit that even if Dorenbosch and Alkhatib and Dalgic 
are considered, as previously noted, the difference between these references and claim 
1 is that Dorenbosch only describes one address returned for one DNS query and 
Dalgic only describes that in response to a router receiving a failure signal, the router 
updates state information. Dorenbosch fails to teach a client system that has accesses 
multiple addresses to systems that perform a same service from a single DNS request 
and Dalgic fails to teach responding to a failure signal by attempting to access a 
different system. In contrast, claim 1 teaches both a DNS server returning a plurality of 
private addresses for systems providing a same service in response to a DNS query for 
a particular system and responsive to said client system receiving a fail signal from an 
attempt to send packets to said NAT data processing system, sending packets from 
said client system to a next data processing system from among said plurality of parallel 
data processing systems at one of said plurality of private addresses with loose source 
routing enabled through said NAT device at said source routing address. 

Therefore, in view of the gapping differences between the prior art and claim 1 , 
Applicants respectfully submit that regardless of the lack of a clearly articulated 
rationale in the Office Action as to the original claims, in view of the amendments to the 
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claims, it is clear that any statement of obviousness previously presented in the Office 
Action is not sufficient to support a prima facie case of obviousness as to claim 1 . 
In addition, Applicants submit that in view of the differences between the prior art and 
claim 1 , the differences show that the gap between the prior art and the claimed 
invention has become so great as to render the claimed invention nonobvious to one 
reasonably skilled in the art. Because claim 1 would not have been obvious to one of 
ordinary skill in the art at the time of the invention, Applicants respectfully request 
withdrawal of the rejection under 35 USC 103(a) and allowance of the claims. KSR, 82 
USPQ2d at 1396; Dann v. Johnston, 425 U.S. 219, 230 (1976). 

Claims 4 and 7 

Applicants respectfully assert that because claims 4 and 7 are dependent upon 
claim 1 , which are allowable as not obvious under the prior art, including Dorenbosch, 
Alkhatib, and Dalgic, claims 4 and 7 are also allowable by virtue of the dependency. 
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Conclusion 

In view of the foregoing, withdrawal of the rejections and the allowance of the 
current pending claims is respectfully requested. If the Examiner feels that the pending 
claims could be allowed with minor changes, the Examiner is invited to telephone the 
undersigned to discuss an Examiner's Amendment. 



No extension of time is believed to be necessary. If, however, an extension of 
time is required, the undersigned hereby authorizes the Commissioner to charge any 
fees for this extension to IBM Corporation Deposit Account No. 09-0447. 



Respectfully submitted, 

By /Amy J. Pattillo. Reg. No. 46.983/ 
AMY J. PATTILLO 
Registration No. 46,983 
P.O. BOX 161327 
AUSTIN, TEXAS 78716 
ATTORNEY FOR APPLICANTS 
Telephone: 512-402-9820 
Facsimile: 512-306-0417 
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